An issue was discovered on LG GAMP-7100, GAPM-7200, and GAPM-8000 routers. An unauthenticated user can read a log file via an HTTP request containing its full pathname, such as http://192.168.0.1/var/gapm7100_${today's_date}.log for reading a filename such as gapm7100_190101.log.
References
Link | Resource |
---|---|
https://github.com/epistemophilia/CVEs/blob/master/LG-GAMP-Routers/CVE-2019-7404/poc-cve-2019-7404.py | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2019-05-13T13:44:19
Updated: 2019-05-13T13:44:19
Reserved: 2019-02-05T00:00:00
Link: CVE-2019-7404
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-05-13T14:29:02.050
Modified: 2021-07-21T11:39:23.747
Link: CVE-2019-7404
JSON object: View
Redhat Information
No data.
CWE